Since the time I first started working in a shared computing environment, in my case an IBM mainframe, I became very interested in security. It was completing the initial build-out of Global SprintLink and staring back over the expanse of the Internet and pondering its potential that fueled what would be come my obsession with the importance of security in distributed computing.

What are your favorite security tools?


I have a number and I'll list them. But as I often note when I speak and in my book, security is not strictly about the best tools. Being proficient in security tools is just one part of being good at security-- in fact, while it's a fascinating and important part, it's a smaller part. Understanding security is about understanding distributed computing technologies in breadth and, where necessary, great depth and how those technologies relate to security. It's an art form, a process, and a mind set. It's about understanding precisely how networks, applications, people, business, information, and infrastructure come together, along with the life cycle management of those things. By analogy, someone can have all the tools of a great car mechanic and know how to use each tool, but can't do much with them if they don't understand the car. So security knowledge of security tools by themselves is not enough. With that said, some of my favorite tools include Snort, NetCat, NMAP, Sam Spade, Protocol Analyzers in general (Ethereal, others), Nessus, dsniff, Tripwire, OpenSSL, PGP, Chkrootkit, and about 1000 other tools!

What operating system(s) do you use and why?